On the guest VM, a tcpdump of its eth1 interface (tap2) shows traffic from its eth0 interface (tap5), as if the 2 bridges are themselves bridged. This means any interface on br100 is now bridged across to br0 - which is completely broken.

2 Answers
2

It's not entirely clear what you're trying to do with your configuration - what's happening with the upstream switch as far as any interconnection amongst the six VLAN's coming into eth0?

The other thing that pops out is that you've both got an IP address on eth0 as well as VLAN interfaces. Put the IP on the bridge interface if you're trying to present the same subnet to the various VLAN's (...not that this configuration entirely makes sense). Again, some additional background on what you're trying to achieve would be helpful.

For what it's worth, the usual configuration is a single VLAN in a bridge with multiple VM interfaces (i.e. multiple VM's on a given subnet) rather than the inverse.